Threat Event Frequency

Threat event frequency represents the number of times per year that an internal actor will accidentally misconfigure the scoped asset. Misconfiguration errors occur during the asset setup or change management process and are typically due to system admin actions. Other accidental employee actions are not in the scope for this attack pattern.

Vulnerability

Vulnerability (or susceptibility) represents the probability that an internal actor’s misconfiguration will be successfully pushed to production and result in a successful breach or outage of a critical asset

Primary Loss Magnitude

The loss event occurs once the misconfiguration has been pushed to production on the asset. This typically triggers incident response, management, and containment efforts, at a minimum.

Secondary Loss Event Frequency

Secondary loss event frequency is modeled as the probability of responsive controls (such as backups or encryption) being circumvented and conditional (secondary) losses occurring.